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CLAIMS 

1. Method for establishing security in an ad hoc communication network (106), 
5 the ad hoc network (106) comprising a set of communication nodes (101, 103- 

105) whereof at least two of the nodes (103-105) having a mutual trust relation 
and thus constituting a tmst group (102), the trust relations being created with 
public keys, and at least one additional node (101), being a candidate for 
joining the tmst group (102) within the ad hoc network (106), characterised 
10 by the nodes having authority to delegate tmst to nodes they tmst, 

the method comprising the steps of 

— a) identifying a node (103) within the tmst group having a tmst relation 
with the candidate node (101), a so-called X-node (103); 

— b) distributing tmst relations between all the members in the tmst group 
15 (102) and the candidate node (101) by means of the X-node (103). 

2. The method of claim 1, characterised by comprising the further step to be 
taken before step a), the candidate node (101) sending a message, comprising 
its pubUc key, to all nodes (103-105) within the network. 

20 

3. The method of any of the previous claims, characterised iQ that the ad hoc 
network (106) comprises a single tmst group (102), and a single candidate 
node (101), wherein step b), implies that the X-node (103) sends a signed 
message, comprising a list of the nodes (104, 105) that the X-node (103) tmsts 

25 within the ad hoc network (106), and all their corresponding pubUc keys, to 

the candidate node (101) . 

4. The method according to any of the previous claims, characterised in that 
step b) further impUes that the X-node (103) signs the candidate node's (101) 

30 public key. 
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5. The method according to the previous claim, characterised in that step b) 
further implies, the X-node (103), sends a message, comprising the candidate 
node's (101) signed public key, to the nodes (104-105) within the trust group 
(102). 

5 

6. The method according to claim 2 characterised in that the ad hoc network 
(201) comprises a set of nodes (A-M) comprising several trust groups (202- 
205), and all nodes (A-M) being candidates for joining all trust groups, within 
the ad hoc network, that they are not already a member of, the method 

10 comprising the further step to be taken, by each node (A-M), after receiving 

the messages from all candidate nodes (A-M), 

creating a list of the candidate nodes that the particular node trusts and their 
corresponding public keys. 

15 7. The method according to the previous daim, characterised by further 
compristQg the step of deciding one node (A) within the ad hoc network (201) 
to act as a server node (A). 

8. The method according to any of the claims 6-7, characterised by further 
20 comprising the step of, the server node (A) receiving from each other node (B- 

M) within the network, a message comprising its respective public key, the 
respective list of the candidate nodes that the respective node tmst and their 
corresponding public keys. 

25 9. The method according to the previous daim, characterised by further 
comprising the step of, the server node (A) classifying the at least one candidate 
node as being a server-trusted node (B, C, D, E, F and I) or as being a server- 
untmsted node (G, H, J, K, L and M), depending on whether the server node 
(A) trusts it or not. 
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10. The method according to the previous claim, wherein a server-trusted node 
trusting a server-untrusted node constitutes a so-called Y-node, characterised 
in that the step a) implies that the server node (A) identifies at least one Y- 
node required for distributing trust relations between the server node (A) and 
as many server-untrusted nodes as possible. 

11. The method according to the previous daim, characterised in step b) further 
implying that server node (A) sends a request to the identified Y-nodes (D, H) 
of distributing said tmst relations between server node A and server-imtrusted 
nodes- 

12. The method according to the previous claim, characterised in step b) further 
implying that server node (A) obtains said requested tmst relations. 

13. The method according to the previous claim, characterised in, the step of 
obtaining the trust relations compristag that for each server-untrusted node 
that the Y-node have a trust relation with, the Y-node signs the public key of 
the server node (A) and forwards it to the server-untrusted node. 

14. The method according to any of the claims 12-13, characterised in the step 
of obtaining the trust relations comprising that for each server-untmsted node 
that the Y-node have a tmst relation with, the Y-node signs the public key of 
the server-untmsted node and forwards it to the server node (A). 

15. The method according to any of the claims 12-14, characterised by 
comprising the further step of, server node (A), after obtaining said tmst 
relation, reclassifying the server-untmsted node with the obtained tmst relation 
as being a server-tmsted node. 
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16. The method according to any of the claims 12-15, characterised by 
comprising the further step of, server node (A) sending a signed message 
comprising the server node's (A) all tmsted public keys belonging to trusted 
candidate nodes within the ad hoc network. (201). 

17. An ad hoc communication network (106) comprising a set of communication 
nodes (101, 103-105) whereof 

the nodes (101, 103-105) each comprising a receiver and a computer, the 

computer comprising a processor and a memory, 

the nodes (101, 103-105) being interconnected with commimication links, 
at least two of the nodes (103-105) are having a mutual tmst relation and 

thus constituting a trust group (102), the tmst relations being created with 

pubUc keys, and 

at least one additional node (101) being a candidate for joining at least one 
tmst group (102) within the ad hoc network, 
characterised by 

the candidate node (101) having means for requesting if any of the nodes 
within the tmst group (102) have a tmst relation with the candidate node 
(101), 

the nodes being authorised to and are having means for, distributing tmst 
relations between its tmst group(102) and the candidate node (101) that it 
tmsts. 

18. The ad hoc communication network (201) according to the previous daim, 
characterised by each node (A-M) having means for creating a list of the 
candidate nodes that the node tmsts and their corresponding public keys, to 
be stored in the memory. 

19. The ad hoc communication network according to any of the claims 17-18, 
characterised in that one node (A) within the ad hoc network (201) being a 
server node (A), capable of administrate distribution of tmst relations. 
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20. The ad hoc commxinication network (201) according to the previous daim, 
characterised by the server node (A) having means for classifying the at least 
one candidate node as being a server- trusted node (B, C, D, E, F and 1), or as 
being a server-untrusted node (G, H, J, K, L and M), depending on whether 
the server node (A) trusts the candidate node or not 

21. The ad hoc communication network (201) according to the previous daim, 
wherein a server-trusted node trusting a server-untrusted node constitutes a 
so-called Y-node characterised by the server node (A) having means for 
identifying at least one Y-node (D, H) required for distributing trust relations 
between the server node A and the server-untrusted nodes. 



22. The ad hoc communication network (201) according to the previous claim 
characterised by the server node (A) having means for sending to each of the 
identified Y-nodes (D, H), 

a request as to which of the server-vmtrusted nodes (G, H, J and M) the Y- 
node (D, H) has a tmst relation with, and 

a request for distributing tmst relations between the server node (A) and 
the requested server-untmsted nodes. 

23. The ad hoc communication network according to any of the claims 20-22, 
characterised by the server node (A) having means for distributing obtained 
tmst relations to the nodes within the ad hoc commimication network (201). 

24. A computer program product dir^tiy loadable into the internal memory of a 
digital computer within a node beiy^^ member of an ad hoc communication 
network, comprising software cod^^p^h^ for performing the steps of any 
of the claims 1-16 when said product is ^n on a computer. 
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25. A computer program proc^:t^stored on a computer usable medixun, 
comprising readable program fcV^sau^Uig a computer, within a node being a 
member of an ad hoc communicatt^n network, to control an execution of the 
steps of any of the claims 1-16. 



